12 Mar
2024
12 Mar
'24
1:26 p.m.
DNSSEC everywhere would make more sense than HTTPS everywhere, which instead won the hype. Being sure to connect to the IP designated by the domain is essential, while encrypting every page of sites like, say, wikipedia is just wasting cycles.
tls gives a bit of authenticity too. modulo trusting a jillion certs built into your browser. dnssec can be a bit of a slog; say the guy who is six days into inline- signing conversion fun. randy